NAIC Task Force Considers Insurtech Rules

The Innovation and Technology Task Force of the National Association of Insurance Commissioners met on March 26 to discuss a range of Insurtech topics—how insurers use algorithms and predictive modeling to set rates, how many states will soon adopt the NAIC Model Law on Data Security, and whether states should enact “regulatory sandbox” laws specifically allowing regulators to waive rules that could hinder insurance innovation. The Task Force decided:

• It would ask for technical assistance from NAIC staff to better understand how insurers are using algorithms and predictive models to set rates, particularly for personal auto and homeowners policies.
• It would seek legal advice from NAIC counsel on the applicable procedures for maintaining confidentiality of any proprietary algorithms and models involved in staff’s analysis.
• It would work with the NAIC Actuarial and Statistical Task Force in considering model legislation governing the use of those algorithms and models in required rate filings.

The Task Force also heard a report that in South Carolina and Rhode Island legislation has been introduced and could pass this year to enact the Data Security model act with more states to follow. Currently, this model act is not yet an NAIC accreditation standard, although that may change if Congress threatens to impose a preemptive federal law on the states. The Task Force will be considering how best to develop a central electronic mechanism for insurance companies to report data breaches as required by the model law and the regulations already issued by the New York Department of Financial Services.

Concerning the concept of “regulatory sandboxes,” legislation has been introduced in Hawaii, Illinois, and Massachusetts to authorize limited waivers of insurance laws. However, several Commissioners stated that they already had the power to waive or vary rules which could hinder insurance innovations and did not consider a specific new waiver law to be necessary. NAIC staff will survey Task Force members—some 40 states—to gauge how many regulators also believe they have sufficient flexibility under current law to allow for such innovations as electronic delivery of auto insurance identification cards and cancellation/non-renewal notices, assuming the policyholder explicitly consented to such electronic delivery.